Privacy Policy

Last Updated: October 22, 2025

1. Introduction

Welcome to Web3 Communities ("we," "us," or "our"). We are committed to protecting your privacy and ensuring transparency about how we collect, use, and safeguard your information. This Privacy Policy explains our practices regarding data collection and usage for our Web3 community directory platform.

By accessing or using our website at web3directory.xyz (the "Service"), you agree to the terms outlined in this Privacy Policy. If you do not agree with this policy, please discontinue use of the Service.

2. Information We Collect

2.1 Information You Provide Directly

When you interact with our Service, you may provide us with information including but not limited to:

Account Information: When you create an account or authenticate through third-party services (such as Google, GitHub, Discord, or other OAuth providers), we may collect your name, email address, profile picture, and other information provided by those services.
Community Information: When you submit or manage a community listing, we collect details such as community name, description, location, blockchain focus, social media links, and contact information.
Communications: Information you provide when contacting us via email, forms, or other communication channels.
Profile Data: Any information you choose to add to your user profile, including bio, interests, and preferences.

2.2 Information Collected Automatically

We automatically collect certain information when you access or use our Service:

Usage Data: Information about how you interact with our Service, including pages visited, features used, time spent on pages, click patterns, and navigation paths.
Device Information: Information about the device you use to access our Service, including device type, operating system, browser type and version, unique device identifiers, and mobile network information.
Location Data: General geographic location based on IP address (country, state, city level), which helps us understand where our users are located and provide relevant community recommendations.
Log Data: Server logs that may include IP addresses, access times, browser type, and referring URLs.
Cookies and Similar Technologies: We use cookies, web beacons, and similar tracking technologies to collect information about your browsing activities. See Section 7 for more details.

2.3 Information from Third Parties

We may receive information about you from third-party sources:

Authentication Providers: When you log in using OAuth providers (Google, GitHub, Discord, etc.), we receive basic profile information as permitted by those services.
Analytics Services: We use third-party analytics services (such as Google Analytics, Vercel Analytics, PostHog, or similar tools) that may collect and process data about your usage of our Service.
Blockchain Data: Publicly available blockchain addresses and transaction data if you choose to connect a wallet or share blockchain-related information.

3. How We Use Your Information

We use the information we collect for various purposes, including:

Service Delivery: To provide, operate, maintain, and improve our Service, including community directory features, search functionality, and user authentication.
Personalization: To personalize your experience, recommend relevant communities, and display content tailored to your interests and location.
Communication: To send you service-related notifications, updates, newsletters, marketing communications (with your consent), and respond to your inquiries.
Analytics and Insights: To understand how users interact with our Service, identify pain points, track usage patterns, measure the effectiveness of features, and gather demographic information to improve our platform.
Security and Fraud Prevention: To detect, prevent, and address security issues, fraudulent activity, and violations of our Terms of Service.
Legal Compliance: To comply with legal obligations, respond to legal requests, enforce our policies, and protect our rights and the rights of others.
Research and Development: To develop new features, conduct research, and test new functionality.
Advertising: To display relevant advertisements and measure advertising effectiveness (if we implement advertising in the future).

4. Legal Basis for Processing (GDPR)

If you are located in the European Economic Area (EEA) or United Kingdom, our legal basis for collecting and using your personal information depends on the specific information and context:

Contractual Necessity: Processing is necessary to provide the Service you requested.
Legitimate Interests: Processing is necessary for our legitimate interests, such as improving our Service, preventing fraud, and ensuring security, provided these interests are not overridden by your rights.
Consent: We have obtained your explicit consent for specific processing activities (e.g., marketing communications, certain analytics).
Legal Obligation: Processing is necessary to comply with legal requirements.

5. How We Share Your Information

We do not sell your personal information. We may share your information in the following circumstances:

5.1 With Your Consent

We will share your information when you explicitly consent to such sharing.

5.2 Service Providers

We may share information with third-party service providers who perform services on our behalf, including:

Hosting and infrastructure providers (e.g., Vercel, cloud storage services)
Analytics providers (e.g., Google Analytics, PostHog, Vercel Analytics)
Authentication services (e.g., NextAuth.js, OAuth providers)
Email service providers
Customer support tools
Database and data storage providers

These service providers are bound by contractual obligations to keep information confidential and use it only for the purposes for which we disclose it to them.

5.3 Public Information

Information you choose to make public (such as community listings, public profile information, or comments) will be accessible to other users and may be indexed by search engines.

5.4 Legal Requirements

We may disclose your information if required by law or in response to valid legal requests, including:

Compliance with legal obligations, court orders, or government requests
Enforcement of our Terms of Service and other agreements
Protection of the rights, property, or safety of our company, users, or others
Prevention of fraud, security issues, or technical problems

5.5 Business Transfers

In the event of a merger, acquisition, reorganization, bankruptcy, or sale of assets, your information may be transferred as part of that transaction. We will notify you of any such change in ownership or control of your personal information.

5.6 Aggregated or De-identified Data

We may share aggregated, anonymized, or de-identified information that cannot reasonably be used to identify you for research, analytics, marketing, or other purposes.

6. Data Retention

We retain your personal information for as long as necessary to provide the Service, fulfill the purposes outlined in this Privacy Policy, or comply with legal obligations. Specific retention periods include:

Account Information: Retained while your account is active and for a reasonable period thereafter (typically 1-3 years) to comply with legal obligations and resolve disputes.
Usage Data and Analytics: Typically retained for 12-36 months, depending on the type of data and applicable regulations.
Communications: Retained for as long as necessary to provide support and maintain records of our interactions.
Legal and Compliance Data: Retained for periods required by applicable laws and regulations.

After the retention period expires, we will delete or anonymize your information. You may request deletion of your information at any time (see Section 10).

7. Cookies and Tracking Technologies

We use cookies and similar tracking technologies to collect information about your browsing activities and improve your experience.

7.1 Types of Cookies We Use

Essential Cookies: Necessary for the Service to function properly, including authentication and security features.
Analytics Cookies: Help us understand how users interact with our Service (e.g., Google Analytics, PostHog, Vercel Analytics).
Preference Cookies: Remember your settings and preferences, such as language or theme selections.
Marketing Cookies: May be used to deliver targeted advertising and measure campaign effectiveness (if implemented).

7.2 Managing Cookies

Most web browsers allow you to control cookies through their settings. You can configure your browser to refuse cookies or alert you when cookies are being sent. However, disabling certain cookies may impact the functionality of our Service. You can also use opt-out tools provided by analytics services:

Google Analytics: https://tools.google.com/dlpage/gaoptout
Browser Do Not Track (DNT) settings: We respect DNT signals when technically feasible.

7.3 Third-Party Tracking

Third-party analytics and advertising services may also use cookies and similar technologies to collect information about your activities across different websites. We do not control these third-party technologies and encourage you to review their privacy policies.

8. Data Security

We implement reasonable technical, administrative, and physical security measures to protect your personal information from unauthorized access, disclosure, alteration, or destruction. These measures include:

Encryption of data in transit using SSL/TLS protocols
Encryption of sensitive data at rest
Regular security assessments and vulnerability testing
Access controls and authentication mechanisms
Secure data storage with reputable hosting providers
Employee training on data protection and security practices

However, no method of transmission over the internet or electronic storage is 100% secure. While we strive to protect your information, we cannot guarantee absolute security. You are responsible for maintaining the confidentiality of your account credentials and should notify us immediately of any unauthorized access.

9. International Data Transfers

Your information may be transferred to, stored, and processed in countries other than your country of residence, including the United States and other jurisdictions where our service providers operate. These countries may have data protection laws that differ from those in your country.

When we transfer information internationally, we implement appropriate safeguards to protect your information, including:

Standard Contractual Clauses (SCCs) approved by the European Commission
Data Processing Agreements with service providers
Compliance with applicable data protection frameworks (e.g., GDPR, CCPA)
Ensuring adequate levels of protection as required by law

10. Your Rights and Choices

Depending on your location, you may have certain rights regarding your personal information:

10.1 Access and Portability

You have the right to request access to the personal information we hold about you and receive a copy of your data in a portable format.

10.2 Correction

You can update or correct your account information at any time through your account settings. For other corrections, please contact us.

10.3 Deletion

You have the right to request deletion of your personal information, subject to certain exceptions (e.g., legal obligations, legitimate business purposes).

10.4 Objection and Restriction

You may object to certain processing of your information or request that we restrict processing in specific circumstances.

10.5 Withdraw Consent

Where we rely on consent to process your information, you have the right to withdraw consent at any time.

10.6 Marketing Communications

You can opt out of marketing emails by clicking the unsubscribe link in any marketing email or adjusting your account settings.

10.7 Exercising Your Rights

To exercise any of these rights, please contact us at hello@web3directory.xyz. We will respond to your request within the timeframe required by applicable law (typically within 30 days).

10.8 Right to Complain

If you are located in the EEA or UK, you have the right to lodge a complaint with your local data protection authority if you believe we have violated your privacy rights.

11. Children's Privacy

Our Service is not intended for children under the age of 13 (or 16 in certain jurisdictions). We do not knowingly collect personal information from children. If you are a parent or guardian and believe your child has provided us with personal information, please contact us immediately. We will take steps to delete such information from our systems.

12. Third-Party Websites and Services

Our Service may contain links to third-party websites, services, or applications that are not operated by us. We are not responsible for the privacy practices of these third parties. We encourage you to review the privacy policies of any third-party services before providing them with your information.

This includes authentication providers (Google, GitHub, Discord, etc.), blockchain explorers, community websites listed in our directory, and social media platforms.

13. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, legal requirements, or for other operational, legal, or regulatory reasons. When we make material changes, we will:

Update the "Last Updated" date at the top of this policy
Notify you via email or through a prominent notice on our Service
Obtain your consent if required by applicable law

We encourage you to review this Privacy Policy periodically. Your continued use of the Service after changes are posted constitutes your acceptance of the updated policy.

14. California Privacy Rights (CCPA)

If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA):

Right to Know: You can request information about the categories and specific pieces of personal information we have collected about you.
Right to Delete: You can request deletion of your personal information, subject to certain exceptions.
Right to Opt-Out: You have the right to opt out of the "sale" of your personal information. We do not sell personal information.
Right to Non-Discrimination: We will not discriminate against you for exercising your CCPA rights.

To exercise these rights, contact us at hello@web3directory.xyz. We may need to verify your identity before processing your request.

15. Nevada Privacy Rights

If you are a Nevada resident, you have the right to opt out of the sale of certain personal information. We do not sell personal information as defined under Nevada law. However, if you would like to exercise this right, please contact us at hello@web3directory.xyz.

16. Blockchain-Specific Privacy Considerations

Given the nature of blockchain technology and our Service focusing on Web3 communities, please be aware:

Public Blockchain Data: If you choose to share or connect a blockchain wallet address, that address and associated transactions are publicly visible on the blockchain and cannot be deleted or modified.
Immutability: Data recorded on blockchains is permanent and cannot be erased. We are not responsible for information you voluntarily publish on blockchain networks.
Third-Party Wallets: When you connect a wallet (e.g., MetaMask, WalletConnect), you are interacting with third-party services. Review their privacy policies separately.
Smart Contracts: Any interactions with smart contracts may be publicly visible and permanent on the blockchain.

17. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

Email: hello@web3directory.xyz

Website: https://web3directory.xyz

Twitter: @tidalDAO

We will make reasonable efforts to respond to all legitimate requests within one month. Occasionally, it may take us longer if your request is particularly complex or you have made multiple requests.